home

daemon-tools.softonic.it

Softonic International SA

Domain Information

This domain has been known to host and distribute adware as well as other potentially unwanted software. The hosted servers are located in Barcelona, Catalonia within Spain which resides on the RIPE Network Coordination Centre network.
Server location:
Catalonia, Spain (ES)

ASN:
AS51773 SOFTONIC-AS SOFTONIC INTERNATIONAL S.L.

Root domain:
softonic.it

Whois:
2 softonic.it records

Scanner detections:
Detections  (100% detected)

Scan engine
Details
Detections

Reason Heuristics
Bundler.PPI.Softonic.m, Bundler.PPI.Softonic.d, Bundler.PPI.Softonic.i, PUP.Softonic.Bundler (M), Bundler.SoftonicDownloader (M)
100.00%

Malwarebytes
PUP.Optional.Softonic.A
56.52%

VIPRE Antivirus
Softonic Downloader, Threat.4786139, Threat.4150696
56.52%

Dr.Web
Adware.Downware.2454, Adware.Downware.1328, Adware.Downware.1657, Adware.Downware.5743, Adware.Downware.1132, Adware.Downware.498
52.17%

ESET NOD32
Win32/SoftonicDownloader (variant), Win32/SoftonicDownloader.G potentially unwanted (variant)
34.78%

K7 AntiVirus
Unwanted-Program
34.78%

Kaspersky
not-a-virus:Downloader.Win32.Agent
34.78%

Agnitum Outpost
PUA.Softonic, PUA.Downloader
30.43%

NANO AntiVirus
Trojan.Win32.Agent.divudw, Trojan.Win32.Agent.dfxnbt, Trojan.Win32.Siggen6.dlxlyf, Trojan.Win32.Downware.csjwcr, Trojan.Win32.Agent.dlbbee
30.43%

Comodo Security
Application.Win32.Agent.SOFE, Application.Win32.SoftonicDownloader.A
26.09%

Baidu Antivirus
Adware.Win32.SoftonicDownloader, Hacktool.Win32.Downloader, Trojan.Win32.SoftonicDownloader, PUA.Win32.SoftonicDownloader
26.09%

Trend Micro House Call
TROJ_GEN.F47V0326, TROJ_GEN.F47V0914, TROJ_GEN.F47V0612, TROJ_GEN.F47V0807, Suspicious_GEN.F47V1229, Suspicious_GEN.F47V0701
26.09%

F-Prot
W32/Softonic.C2.gen, W32/S-20d4b341, W32/S-1281df00
26.09%

Rising Antivirus
PE:Malware.Obscure/Heur!1.9E03, PE:Malware.Obscure/Huer!1.9E03
21.74%

McAfee
Artemis!24C434F566F3, Artemis!0EB9074F3296, Artemis!1D4E1B6D25D1, Artemis!D28CD7CFA81C, Artemis!F2795CDACCBF
21.74%

The domain daemon-tools.softonic.it has been seen to resolve to the following 2 IP addresses.

46.28.209.20
commoncobs.softonic.com
April 10, 2016

46.28.209.4
www.softonic.it
April 14, 2014

File downloads found at URLs served by daemon-tools.softonic.it.

1 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

5 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools.exe)

1 / 68      (Adware)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools.exe)

1 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

9 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools.exe)

18 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools.exe)

1 / 68      (Adware)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

1 / 68      (Adware)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

1 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

1 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

15 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

1 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

1 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

25 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

1 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools.exe)

17 / 68    (Adware)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

17 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

13 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

11 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

12 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools.exe)

9 / 68      (Adware)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools-lite.exe)

7 / 68      (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (softonicdownloader_per_daemon-tools.exe)

13 / 68    (PUP)
http://daemon-tools.softonic.it/universaldownloader-launch  (SoftonicDownloader.exe )

The following 10 files have been seen to comunicate with daemon-tools.softonic.it in live environments.

TCP » 46.28.209.20:80
UCBrowser.exe (UC Browser by UCWeb)

TCP » 46.28.209.20:80
APK2Mobile.exe (TODO: <Product name> by TODO: <Company name>)

TCP » 46.28.209.20:80
{blocked}.exe

TCP » 46.28.209.20:80
softonicdownloader_pour_itools-for-windows.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_pour_speedy-video-capture.exe.infected (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_fuer_minecraft-skinedit.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_per_vlc-media-player.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
softonicdownloader_per_songr.exe (Softonic Downloader by Softonic)

TCP » 46.28.209.20:80
online-guardian-v2.0.9.exe

TCP » 46.28.209.20:80
softonicdownloader_pour_winrar.exe (Application Setup)

URL:
http://daemon-tools.softonic.it/

Google Analytics:
UA-43493347

Title:
“Immagini e lettori virtuali - Softonic”

Description:
“Scarica Immagini e lettori virtuali degli utenti su Softonic. Download software.”

Web server:
Apache

softonic.com

softonic.com.br

softonic.jp

softonic.fr

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.